CVE-2023-49228

CVSS 3.1 Score 6.4 of 10 (medium)

Details

Published Dec 28, 2023
Updated: Jan 4, 2024
CWE ID 798

Summary

CVE-2023-49228 is a vulnerability affecting Peplink Balance Two versions prior to 8.4.0. The issue involves hard-coded console port authentication credentials, making it possible for attackers with physical access and sufficient knowledge to gain root access to the system and execute arbitrary commands. This vulnerability poses a significant risk and requires immediate attention from Peplink users to apply the necessary patches to mitigate the threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share